intuitem / ciso-assistant-community

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +70 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PSPF, GDPR, HIPAA, Essential Eight, NYDFS-500, DORA, NIST AI RMF, 800-53, 800-171, CyFun, CJIS, AirCyber, NCSC, ECC, SCF and so much more
https://intuitem.com

Gitlab or Adobe Common Controls Framework CCF #868

Closed mfouad closed 1 month ago

mfouad commented 1 month ago

Problem statement

The [Agile Security Framework - Baseline] reference controls are not mapped to other frameworks like ISO27001 or SOC2. In CCF, Adobe mapped 315 controls to 21 industry standards (frameworks): https://www.adobe.com/trust/compliance/adobe-ccf.html

PDF: https://www.adobe.com/content/dam/cc/en/trust/pdfs/Open_Source_CCF.pdf
Excel format: https://www.adobe.com/content/dam/cc/en/trust/pdfs/Open_Source_CCF.xls

Gitlab has a forked repo based on CCF: https://gitlab.com/gitlab-com/gl-security/public-gcf/-/tree/master?ref_type=heads

Expected behavior

  1. Import the CCF library
  2. Reference controls are mapped automatically to frameworks; this way, if applied, you are adhering to the framework.

eric-intuitem commented 1 month ago

Very good suggestion, thanks! We will include the CCF, and provide the mappings.